]> git.evergreen-ils.org Git - working/Evergreen.git/commit
projects / working / Evergreen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 917f1c3) | patch
In oils_cstore.c: further tightening input validation.
authorscottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Fri, 20 Mar 2009 18:55:48 +0000 (18:55 +0000)
committerscottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Fri, 20 Mar 2009 18:55:48 +0000 (18:55 +0000)
commit563f37cda24c80e17a615d2987890b01aa397dd9
treeb77033eff0394ac17bcbf0ed3045191a91352130tree
parent917f1c32b47140d2646cf36f0d83f0c98a4e63b6commit | diff
In oils_cstore.c: further tightening input validation.

1. In searchValueTransform(): make sure that the JSON_ARRAY
received as a parameter is not empty.

2. In searchFunctionPredicate(): make sure that the operator
received as a parameter is acceptable, i.e. it isn't an
opportunity for SQL injection.  Also: changed a parameter name
"node_key" to the more descriptive "op".

git-svn-id: svn://svn.open-ils.org/ILS/trunk@12632 dcc99617-32d9-48b4-a31d-7c20da2025e4
Open-ILS/src/c-apps/oils_cstore.c diff | blob | history
Evergreen ILS